The Nigerian Letter

This Nigerian Letter is linked to fax machines, which is why I talked about it here.

What is it?

The Nigerian Letter is a document sent by a scammer to a victim making the victim think that they can get a lot of money for helping in some (usually urgent) matter.

However, for the help to happen, the scammer asks for an upfront fee. There is most certainly a fee to pay the notary to be able to unblock your money, right?

First Known Cases

The first documented such scammers happened in the 18th century. In that period, Spain would put many people, poor and rich, in jail. The scammer would send a letter to a rich person who was likely to want to help another rich person so as to receive a reward for helping them to get escape from prison. The scammer was asking for upfront money to pay the prison guards… and of course that money just went bye bye.

These scams evolved with time. In 1830, we start seeing letters telling people that a large lump sum of gold was found and unclaimed. For a small fee, you can become the owner as it will allow me to release that treasure trove and send it to you. Seen such emails? Yes! This has been going on for several hundred years.

Why Nigeria?

As with most things, people tend to feel the need for a scapegoat.

The fact is that someone in Nigeria sent a fax with such a letter and since that day, the name stuck.

The scam is often referenced as 419. This is because the law under which such criminal are condemned is article 419 of the Nigeria Criminal Code.

It’s probably also one of the first country that mentioned Princes as having some extra cash to send to you… (whatever you believe!) and those scam showed very large amount of money. Who wouldn’t want to receive 15% of $30M?

By All Means!

Today those scams are still going around and they go even faster and way larger in scope.

All the possible way of communications are used:

  • Letters (very seldom)
  • Fax
  • Email
  • Text Messages (SMS)
  • Social Media (pretty much all of them, although I’ve notice that I don’t get much at all on Facebook/Messenger or LinkedIn these days).
  • Hijacked email or social media accounts—this gives the scammer a much higher chance to get the money since he pretends that he’s that friend of yours and that friend is stranded somewhere without any money and asking you (always ask yourself, why me?!) to help better the situation
  • Etc.

New Scams

Scammers have been learning. All the information is available in our libraries. Knowledge is vast.

So now they use yet other types of scams that work very well.

Romance

Don’t send money to your boyfriend or girlfriend you only dated online…

One of the new scheme is to get involved through Social Media. It’s actually very easy to make a man or a woman fall in love with you, especially if they are not currently involved (i.e. lonely).

Once the scammer feels that the other person is in love with him or her (yes, don’t think that scammers are only men), the scammer start asking for financial help. Very small sums at first. Then it will grow and grow… until you final decide to cut it off because you sent all of that money and the person actually never bought that plane ticket to come see you. Yeah…

Online Sales

Obviously, more and more people are using online stores to purchase goods these days. With companies such as Amazon, it has boosted acceptance of online sales. It has become a lot easier to create an e-Commerce website and get sales.

Scammers use those systems, pretending that they have objects of great value, they get the sale and the money of the sale and then disappear.

Anything which is worth enough may somehow be offered by a scammer: Expensive Collectible Stamps, Rare Races of Pets, Luxurious Brands of Watches, etc.

You Won the Lottery!

That great feeling of receiving an email telling you that you won the jackpot of $10M! Isn’t that great!

Oh wait… but you did not even play that very lottery. What’s it’s a Lottery promoted by Microsoft?! I thought that only states and governments could offer lotteries. Hmmm…

In these scams, the bad guys generally ask you for all your information, such as you name, address, phone number, bank account number (where would we put all of that lottery money otherwise?!), social security number (needed to tell the IRS about the lottery payment).

Now… What information do you need to get a quick loan? What information do you need to get a credit card? What information do you need to do a transfer or write a check? I’m not saying that it will work every time, but scammers are not scared of trying over and over with many different people.

Secure Your Account

Another one I’ve seen a lot is about your account being broken in. You must act quickly to make sure to fix the issue. This is for your bank account, Paypal account, Facebook account (remember, if I can access your social account, I can talk to your friends and ask them for money).

Many times, these scam emails include a link so you can immediately log in your account and fix the problem. That is, the link sends you to their website which happens to look exactly like your bank’s, Paypal, or some other site. People who don’t understand how things work can’t understand/see that the URL is all wrong and they try to sign in with the existing credentials… giving away that information to the scammer which will very quickly access that account and use it for their own personal profit.

A valid URL starts with “https://” which unfortunately many browsers now hide. I know what it is anyway, but I don’t think that helps at all. Next you have sub-domains. It is rare that large businesses do not use a sub-domain and those can look really random. Next comes the domain name. With my Paypal example above, that would be paypal dot com which must then be followed by a slash (/). If you do not see the slash right after the “com”, then that’s not paypal. Many hackers have created sub-domain names that look like those names, for example:

https://super-secure.paypal.com.login.example.kr/some/path/here

In that example, we notice a period (.)—or dot—after the “com” segment. This is wrong. It means that’s not the main domain name. We continue to the first slash (/) and we see that just before we have “example.kr”. That’s the part which is just before the slash (/) so that is the exact domain name. Although you do see “paypal.com” within the link, it’s not where you’re being sent to.

Leave a Reply

Your email address will not be published. Required fields are marked *